Cyber Security Summit
Security in Depth
Answering the Call of State Leadership
WCTC's 3rd Annual Cyber Security Summit, in partnership with Marquette University, is designed to answer the call of state leadership to take action to secure our critical infrastructure.
Join representatives of government, industry and education as we discuss what must be done to understand and combat threats. Parallel sessions will dive deep into the technical aspects of cyber security, while panel sessions will discuss trends and required actions to build awareness. Given the rising prevalence of social cyber-attacks, there can be no defense without cyber security awareness for business, education, government and the general public.
Friday, October 28, 2016
7:15 a.m. – 12:15 p.m.
Registration and networking at 7:15, opening remarks begin at 7:45.
Waukesha County Technical College
Business Building, room 115/117
800 Main Street
Pewaukee, WI 53072
No cost; light breakfast provided.
Anyone interested in strengthening their cyber security defense‐ CEOs, CIOs, small business owners, IT security decision makers, IT professionals, non‐profit leaders, educational partners and local government representatives.
- Dr. Brad Piazza, Vice President- Learning, Waukesha County Technical College
- Dr. Richard C. Holz, Dean, Klingler College of Arts and Sciences, Marquette University
- Laura Catherman, President, WOW Workforce Development Board
- Eric Huemmer, Community Engagement Coordinator, Waukesha County Business Alliance
- Lieutenant Governor Rebecca Kleefisch, State of Wisconsin
Registration for this event is now closed.
See Session information below
Panel- Government and General Public Awareness
Governments and agencies serving the general public have a responsibility to their constituents to make them aware of threats and defenses and to protect the privacy of information. National programs have been defined to help organizations increase cyber security awareness that can protect the infrastructure and information and maintain privacy. This panel will help answer the question, 'What is being done locally and what is most effective?'
Al Mundt, Infrastructure Administrator and Information Security Officer, Waukesha County
Britt Lindley, Fox Cities Chamber and VP, Thrivent Financial
Byron Franz, Special Agent, FBI
Michael Goetzman, Global Information Security Manager, The Master Lock Company and Founder, CypherCon
David Cagigal, CIO and Division Administrator, Wisconsin Department of Administration
John Rineck, Security Analyst, Center for International Blood and Marrow Transplant Research
Matt Little, Board Member, National Cyber Security Alliance and VP Product Development, PKWare
Panel- Business and Industry, Employees and Customers
Businesses need to ensure employees protect intellectual property through cyber security awareness. In cases where a business is building products that might be targets for cybercrime, they need to make sure employees understand the cyber threats and the cyber defenses that must be built into the products. This panel will help answer the question, 'What is being done in local businesses and non-profits and what is most effective?'
Brian Keery, Product Strategy Manager, Astronautics Corporation of America
David Kliemann, Director, IT Audit, Fiserv
Munish Verma, President, Kettle Moraine ISACA and Managing Director, Avail Consulting
Richard Oakes, Account Executive, Presidio
Sunil Krishnan, Regional Manager, Trend Micro
Panel- K-12 Education
As we educate the future generations, the students must be kept safe in our schools and homes, and they must learn safe computing practices. Our K-12 education system has an academic role to teach and a technical role to protect. K-12 schools also have a role in assuring awareness of cyber security careers and preparedness for those careers. This panel will help answer the question, 'What is being done in local school systems and what is most effective?'
Brain Casey, Director of Technology, Stevens Point Area Public Schools
Dan Scott, Director of Technology, School District of Elmbrook
Diane Doersch, CTIO, Green Bay Area Public Schools
Nathan Mielke, Technology Service, Hartford Union High School, and Past President WETL
Tony Spence, CIO, Muskego-Norway School District
Jamie Price, District Technology Coordinator, Wauwatosa School District
Panel- Higher Education
Similar to the role of K-12 Education, higher education must protect students and university resources as well as educate students. We need to make students aware of careers in cyber security and prepare them to embark on those careers. Since we have become a digital society, education about cyber security should not be limited to technical careers. This panel will help answer the question, 'What is being done in local higher education and what is most effective?'
Bob Turner, CISO, University of Wisconsin-Madison
Jeremy Edson, Information Security Manager, Marquette University
Kim Ehlert, Dean - School of Business, Waukesha County Technical College
Max McGrath, Network Administrator, Carthage College
NIST CSF vs. the Ukraine Cyber-attack
Mark Binkelman, Team Leader- Cyber Security, American Transmission Company
Using concepts from the NIST Cybersecurity Framework (Prevent, Detect, Respond and Recover), analyze the first-of-its-kind cyber-attack against the Ukraine power grid and discuss strategies to defend against a determined adversary.
Preparing for a Compliance Audit
Bill Curtis, CISSP, CISA, QSA Senior Information Assurance Consultant, SynerComm
Compliance audits are necessary but do not need to be painful. Being prepared for an audit is so much more than the ability to show an auditor what they need to see. Being prepared for an audit is when an organization already knows the answers to the questions. Explore best practices to develop and execute an effective information systems compliance program.
Getting Pwned: What you learn from your first penetration test
Jeremy Bauer, Information Security Manager, Foot Locker, Inc.
Penetration tests are a great source for understanding the effectiveness of your security controls as well as the health of your security program. Learn the process of engaging professional pen testers, from reduced scope exercises to engaging zero-visibility red teams, and how the real value comes from what happens after the test.
Mobile Device Management & BYOD in a Mobile World
Adam Furger, Manager, Unified Communications, Foot Locker, Inc.
Today's modern workforce requires the ability to work anywhere. This task becomes more challenging as employees prefer using personally owned devices over corporate owned assets. Dive into the tools used to keep your corporate information safe and learn about maneuvering the minefield of implementing BYOD in a corporation.
Private Data, Prying Eyes
Paul Hager, Chief Executive Officer, Information Technology Professionals
The dark web is a scary and dangerous place. What information is safe to share online? Which large retail store is experiencing a credit card breach now? Is your private information being stolen or sold with malicious intent? Some of the greatest threats to your environments are not viruses or ransomware – but rather the individuals within your organization, sharing sensitive information. Discover the current state of cyber threats and how organizations can safeguard their data.
Moving From Chaos to Control Using Business Continuity and Crisis Response Best Practices
Steve Stoeger-Moore, President and Joseph DesPlaines, Business Continuity and Crisis Response Consultant, Districts Mutual Insurance
Every response to a crisis event begins with chaos. However, a review of crisis management over the past ten years gives clear evidence that there are practices that can assist in quickly moving from chaos to control. Learn effective best practices and how these actions can help anticipate, respond to, manage and recover from a workplace crisis.
Workforce Awareness – Enable your Workforce to Understand Risk
Fred Hinchcliffe, Director Enterprise Security Services, GE Healthcare
Building Security awareness into an organization is not easy, and reaching the right people can be even harder. How to build a program that goes further.
Doing DLP Right the First Time
Fred Hinchcliffe, Director Enterprise Security Services, GE Healthcare
Understanding 'what' you want to protect is only the first step. An effective Data Loss Prevention program needs to start at the top and include everyone.
Security Training is Not Security Awareness
Dennis Dillman, Chief Operating Officer, PhishLine
Discover mechanisms for evaluating training effectiveness and strategies for non-traditional training that can increase the levels of employee security awareness in ways that translate into a more secure organization.
The PCI DSS: Common Pitfalls and the Questions You Should be asking within Your Organization
Theresa LaMott, Security Analyst, Sikich
The Payment Card Industry Data Security Standard (PCI DSS) has quickly become a mature and accepted security baseline, even for companies not accepting credit card transactions. Despite the maturity of the standard, organizations continue to make many of the same internal IT mistakes that lead to noncompliance and overcomplicate compliance efforts. During this session, learn the common mistakes companies make in regard to the PCI DSS. Learn what questions to ask your organization's management to gauge if the level of compliance at which the business is operating at is realistic.
Incident Response: Bad Guys Level Up
Mark Shelhart, Forensic and Incident Response Lead, Sikich
Security regulations have significantly changed in the past year. In response, attackers have dramatically evolved their methods and their level of persistence is off the charts. Get a real-world analysis of large breaches from the past calendar year; examine what changed within the threat landscape as well as de-construct malware at a level your parents could understand. Learn how attackers are using your employees against you. If you're an overworked IT person, this presentation will help you map your security risks to potential attack vectors and where your next attack might start.
Navigating Security Certifications and the Cyber Range
David Askey, Sr. Security Instructor, TechNow, Inc.
As a Cyber Security Professional we have available an array of certifications. As a manager we see these certifications on resumes. Learn how to value and prioritize security certifications for personal and enterprise benefit. Certifications will be broken down into applicability to job function, overlap of objectives with similar certifications, difficulty of preparation and testing, quality of the certification and cost of acquisition and maintenance. Training paths will be presented that logically and successfully move you through a sequence of certifications minimizing personal stress. In support of certifications, Cyber Ranges help prepare for a hands-on certification and qualify a job candidate. Walk through a Cyber Range, its construction and management, and the creation of Capture the Flag objectives and scoring aligned to certifications and job function.
Password Access Management for the Enterprise to Ensure Secure Access by Authorized Users
Jim Dziak, President/CEO, AxCel Technology
Secure, manage, automatically change and log all activities associated with shared administrative and super user accounts. Isolate, control and monitor privileged access to domain admin/local administrative accounts, servers, network devices, databases, web applications and virtual machines. Assign granular permissions, segregation of duties, and strong access controls around super user accounts.
Presented in partnership:
The expanded Network Enterprise Administrator – INTERFACE Accelerated training opportunities are available thanks to a TAACCCT grant, and priority is given to veterans and TAA workers (those who lost jobs due to layoffs as a result of foreign trade). The $23.1 million grant from the U.S. Department of Labor’s Trade Adjustment Community College and Career Training (TAACCCT) Grant, which is shared among Wisconsin’s 16 technical colleges, has made this training possible.
To learn more about how the grant supports programming, contact the IT Skills and Placement Coordinator, at 262.691.5335.